In this document

XOD documents can be encrypted at conversion time and WebViewer can view these documents when supplied with the password. Documents are encrypted with 128 bit AES (Advanced Encryption Standard), a specification from the National Institute of Standards and Technology (NIST), and is used by governments and businesses worldwide.

This allows you to implement certain forms of DRM which can be useful if you want users to only be able to view documents inside the viewer and not simply download the files to view any time outside of it.

For example a web magazine viewer would likely not want users to simply download the magazines and send them to their friends. Note that the files may be able to be downloaded but they would be unviewable since they would be encrypted.

Another option would be that the server doesn't store the password, the user just has to enter it in the viewer before they can view the document, effectively password protecting the document.

WebViewer with PDFNetJS supports the viewing of password protected PDF files but this is different from the XOD AES encryption. In the PDF case a dialog box will appear, prompting the user for the password.

Encryption on XOD conversion

To encrypt a XOD document on conversion you just need to pass in a password to encrypt the document with.

You can call the ToXod method with XodOutputOptions. You can specify the password in the XodOutputOptions by calling SetEncryptPassword.

Decryption on client

In the client-side JavaScript you will have to make some modifications to decrypt an encrypted XOD file. When using WebViewer you need to include an encryption property on the options object of WebViewer:

myWebViewer = new PDFTron.WebViewer({
  type: "html5",
  initialDoc: "test.xod",
  encryption: {
    p: "pass",
    type: "aes",
    error: function(msg) { alert(msg); }
}, viewerElement);

If you want to load a second password protected document you'll need to pass the encryption options to loadDocument:

readerControl.loadDocument("newdoc.xod", {
  decrypt: window.CoreControls.Encryption.decrypt,
  decryptOptions: {
    p: "newpass",
    type: "aes",
    error: function(msg) { alert(msg); }